This is a feature that I feel would be useful to implement in LinuxMCE, whether or not it should be a default option, or available as a how to article does not matter. I think this is a good idea in order to make it (at least in my case) a complete house solution.

My current, albeit contrary to the ideal, setup is using a Windows Server 2003 Domain controller for my home. This way, my family can have a single logon username and password for all the computers. I have two other Windows servers (a VPN server/File Server and a Terminal Server) as well as more than a half-dozen computers (all XP Professional). If I could extend this to cover: (1) the built in shares in LinuxMCE for media, (2) The web panel for voicemail, etc. (3) The mythweb login and other web server shares as well as (4) continuing to serve as a logon server for windows xp (professional only unfortunately) then I would have a perfect setup (I could take advantage of the networking features of LinuxMCE while getting rid of two of my windows servers.

From the research I have done, an ubuntu, perhaps a kubuntu server too, can work as a Samba Domain Controller as a logon/file/print server. I need to know how I can configure this without disrupting the LinuxMCE functionality but at the same time utilize the user database that LinuxMCE uses for the orbiters and the web panel. In order to integrate the LinuxMCE functionality into this setup, this requires editing the mysql database and this is not something I know how to do.

Granted I am not an expert at Linux, I do know my way around windows in both the desktop and server editions of Windows. If my idea is too far fetched or just not practical, I apologize. I simply would like everything to be as integrated as possible.

This could also be useful for those who have XP Professional or Vista Business/Ultimate systems and even Mac OS X and Linux Systems (as most(?) support Kerberos/LikewiseOpen for authentication to domain servers and I would think this would work for a Linux domain server).

If this is in the wrong category, I apologize; I was debating whether this was a question of a "how to do something" or if it was a "feature request" as it is both.

I agree, LinuxMCE should be the knot that ties everything in the home together. I believe authentication is a big part of that. I might even say that incorporating RADIUS into the server would be a good option as well. I know Freenas has an RADIUS authentication option as does other network appliances and software. Having these two features would allow for unified access without having to set passwords in multiple places.

so you want the user to have to log on on the orbiter to access files from a MD for example? Or when do you want to grant tickets? If you ask me this is overkill. What other services do you want to integrate?

It's probably more useful for those that still have windows PCs on the network, so can log into all with same user/password & don't have to authenticate again to access LinuxMCE shares.

If you are using the same username password combo on your windows machines, that you are using on your LinuxMCE install, Windows /should/ automatically identify you correct. At least it used to do that, regardless of domains.

It provides unified user management. Someone with Windows systems wouldn't have generate User(s) on all their systems that mirror the DCE users. This is also useful for other systems as well. As mentioned before, Freenas could use it.

I think this is a great idea and I would really like to have this functionality, but it raises quite a few questions...

Should it serve purely as a Domain Controller?How should it interact with LinuxMCE?Should it use terminal services to install Windows Orbiter to Windows Desktops?What needs to be considered to implement this without breaking existing functionality?Who is going to do the work?

Well what I had in mind was simply a single sign-on for all machines on the network. Maybe an Orbiter installed on the desktop there. Beyond that, things such as access to media folders... it's sort of unnecessary given that you have Media Directors handling things like that already. It would just defeat the purpose and break things such as the follow me feature.

I'm running samba4 alpha12 code at home, which allows it to be a PDC with win2008 LDAP schema (i've added 3 PCs to authenticate, 1 x win xp, 1 x win vista and 1 x ubuntu 10.04). I think once samba4 is ready from a GA standpoint (or even beta, because even this alpha works fantastic in a home setting) it would be worthwhile to add centralized authentication to the MCE and home environment.